[ncc-services-wg] Improved Secure Communication for Registration Services (RS) Mailboxes

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



	All,

On 2004-02-25, at 10.01, Randy Bush wrote:

>>> X.509 is not the way to go. It's just a (needless) duplication of 
>>> effort.
>>> And wading forever in the mess of "do we use this protocol/format or 
>>> that"
>>> and so on.
>>
>> I would have to concur with this objection. PGP/GPG works, it is well
>> suited to workflow, requires few special tools (bar pgp software) on 
>> the
>> client side, and is an established method.
>>
>> Forcing certificate handling onto the LIR community is NOT good 
>> service, it
>> is IMNSHO overcomplication. PKIen have their uses, but this is not 
>> one.
>>
>> I say NO to X.509.
>
> i would ammend slightly.  the rirs provide us service.  some of us
> find pgp easier to deploy and use.  some will provide x.509 easier.
> so the rirs accepting *both* would be good.
>
> randy, a pgp kinda guy who also uses x.509 occasionally


I am kind of puzzled here.

The X.509 scheme was proposed there way before two RIPE meetings ago, 
when the NCC Services WG was new. I was also then voicing criticism, as 
was a few others. Not much discussion was raised though. Shawn then 
made a good presentation at the NCC Services WG meeting two RIPE 
meetings ago. We also had Dirk-Wilhelm van Gulik come in and explain 
X.509 and certificates in general. After the presentation, from what I 
remember most people thought this was a good idea, and a good add-on. 
So the NCC proceeded.

So, I am bit surprised that people are start having views -now-.

But I must agree with Randy, I have a hard time seeing what the problem 
is catering for multiple needs.

- - kurtis -

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0.3

iQA/AwUBQDx0CqarNKXTPFCVEQJP9wCg/Fry0R1u6CcjJKVhBJd7hZUCb60AoMOj
2FyShsugqEROrYTrg8ZFsBSN
=jzi+
-----END PGP SIGNATURE-----